83df03c8f5d61d37e2fda501c67937f970b7af0c |
|
16-Apr-2012 |
Brian Carlstrom <bdc@google.com> |
Allow empty passwords when installing from a PKCS#12 file Bug: http://code.google.com/p/android/issues/detail?id=28189 Change-Id: I6ce96eba0e7e583e49a17179d3f3c66df5f13a29
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
885c0a68bb4a91d461914c43c2e42a565394aa59 |
|
03-Feb-2012 |
Shuhrat Dehkanov <uzbmaster@gmail.com> |
Remove PKCS12_PASSWORD_DIALOG and NAME_CREDENTIAL_DIALOG in order to correctly recreate it on onCreateDialog If an empty password or name is supplied for certificate password or certificate name dialogs, respectively, showDialog is called without removing them. As a result onCreateDialog is not called leaving the dialog without visible UI to the user. Steps to reproduce: 1. Put password protected certificate to the SD card. 2. Navigate to Settings > Security and initiate certificate installation. 3. Provide an empty password and press OK. 3.1. Provide an empty name for NAME_CREDENTIAL_DIALOG related issue. Change-Id: I83ffd680313eb9c69214113d3091a70910a80ae2 Signed-off-by: Shuhrat Dehkanov <uzbmaster@gmail.com>
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
c256369ee7fe39051f35bc9b04dfad78f9644d80 |
|
13-Sep-2011 |
Ben Komalo <benkomalo@google.com> |
Make cert name selected by default. This makes it easy to replace if it's a big giberrish string. Bug: 5280250 Change-Id: Iaedee686a3c56133f4e417a40f9175a194181c6c
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
6952ee2bb146db2979aff3cfd6d18cbdebd8a7e9 |
|
22-Jul-2011 |
Brian Carlstrom <bdc@google.com> |
Rotation fixes for CertInstaller When rotating, the dialog would be dismissed, which the handler took as a user negative action and called toastErrorAndFinish. Fixed by having click handlers on the buttons themselves. Bug: 5051850 Change-Id: I5f1aeb6c918b2b7b6bebf096ee25ff8247b5877d
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
a0bdabb40db36f2adf458c32055e5c7ee817105a |
|
10-Jul-2011 |
Brian Carlstrom <bdc@google.com> |
Remove PKEY_MAP entry when empty Change-Id: I7a532209d906f0e2194fccaf5eafd8602f3cb57a
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
a921a7f6b86e2564f70e841c0b10b368f6b8d495 |
|
07-Jul-2011 |
Brian Carlstrom <bdc@google.com> |
Canceling cert installation should not delete the file Also fix to exit CertFileList when list becomes empty Bug: 4600283 Change-Id: Ib0a27f8d2f9ee4be8da02625e9f919bcfa6e791b
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
00736f76392c742e9c72c51f158ad7020f22524c |
|
29-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Tracking move to KeyChain credential installation API Bug: 3497064 Change-Id: I4d49354f4687f95d8239ea98d79bd61d06c4ce82
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
2aa55a29f1384da5fc574646c936760b67c205c9 |
|
31-May-2011 |
Brian Carlstrom <bdc@google.com> |
Integrating keystore with keyguard (Part 2 of 4) Summary: frameworks/base keystore rewrite keyguard integration with keystore on keyguard entry or keyguard change KeyStore API simplification packages/apps/Settings Removed com.android.credentials.SET_PASSWORD intent support Added keyguard requirement for keystore use packages/apps/CertInstaller Tracking KeyStore API changes Fix for NPE in CertInstaller when certificate lacks basic constraints packages/apps/KeyChain Tracking KeyStore API changes Details: frameworks/base Move keystore from C to C++ while rewriting password implementation. Removed global variables. Added many comments. cmds/keystore/Android.mk cmds/keystore/keystore.h cmds/keystore/keystore.c => cmds/keystore/keystore.cpp cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp Changed saveLockPattern and saveLockPassword to notify the keystore on changes so that the keystore master key can be reencrypted when the keyguard changes. core/java/com/android/internal/widget/LockPatternUtils.java Changed unlock screens to pass values for keystore unlock or initialization policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java KeyStore API changes - renamed test() to state(), which now return a State enum - made APIs with byte[] key arguments private - added new KeyStore.isEmpty used to determine if a keyguard is required keystore/java/android/security/KeyStore.java In addition to tracking KeyStore API changes, added new testIsEmpty and improved some existing tests to validate expect values. keystore/tests/src/android/security/KeyStoreTest.java packages/apps/Settings Removing com.android.credentials.SET_PASSWORD intent with the removal of the ability to set an explicit keystore password now that the keyguard value is used. Changed to ensure keyguard is enabled for keystore install or unlock. Cleaned up interwoven dialog handing into discrete dialog helper classes. AndroidManifest.xml src/com/android/settings/CredentialStorage.java Remove layout for entering new password res/layout/credentials_dialog.xml Remove enable credentials checkbox res/xml/security_settings_misc.xml src/com/android/settings/SecuritySettings.java Added ability to specify minimum quality key to ChooseLockGeneric Activity. Used by CredentialStorage, but could also be used by CryptKeeperSettings. Changed ChooseLockGeneric to understand minimum quality for keystore in addition to DPM and device encryption. src/com/android/settings/ChooseLockGeneric.java Changed to use getActivePasswordQuality from getKeyguardStoredPasswordQuality based on experience in CredentialStorage. Removed bogus class javadoc. src/com/android/settings/CryptKeeperSettings.java Tracking KeyStore API changes src/com/android/settings/vpn/VpnSettings.java src/com/android/settings/wifi/WifiSettings.java Removing now unused string resources res/values-af/strings.xml res/values-am/strings.xml res/values-ar/strings.xml res/values-bg/strings.xml res/values-ca/strings.xml res/values-cs/strings.xml res/values-da/strings.xml res/values-de/strings.xml res/values-el/strings.xml res/values-en-rGB/strings.xml res/values-es-rUS/strings.xml res/values-es/strings.xml res/values-fa/strings.xml res/values-fi/strings.xml res/values-fr/strings.xml res/values-hr/strings.xml res/values-hu/strings.xml res/values-in/strings.xml res/values-it/strings.xml res/values-iw/strings.xml res/values-ja/strings.xml res/values-ko/strings.xml res/values-lt/strings.xml res/values-lv/strings.xml res/values-ms/strings.xml res/values-nb/strings.xml res/values-nl/strings.xml res/values-pl/strings.xml res/values-pt-rPT/strings.xml res/values-pt/strings.xml res/values-rm/strings.xml res/values-ro/strings.xml res/values-ru/strings.xml res/values-sk/strings.xml res/values-sl/strings.xml res/values-sr/strings.xml res/values-sv/strings.xml res/values-sw/strings.xml res/values-th/strings.xml res/values-tl/strings.xml res/values-tr/strings.xml res/values-uk/strings.xml res/values-vi/strings.xml res/values-zh-rCN/strings.xml res/values-zh-rTW/strings.xml res/values-zu/strings.xml res/values/strings.xml packages/apps/CertInstaller Tracking KeyStore API changes src/com/android/certinstaller/CertInstaller.java Fix for NPE in CertInstaller when certificate lacks basic constraints src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Tracking KeyStore API changes src/com/android/keychain/KeyChainActivity.java src/com/android/keychain/KeyChainService.java support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java tests/src/com/android/keychain/tests/KeyChainServiceTest.java Change-Id: I280f54b9305c3b5549ae2dfc8eb890493806cc78
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
ead4057af45c80af262613d93abd85c49ef98db2 |
|
18-May-2011 |
Brian Carlstrom <bdc@google.com> |
Move to KeyChain.bind Change-Id: I7040a855705b72fcf5d7477db279affa6009bc72
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
30389d0148993679892385e007596a56ed46b6ac |
|
18-May-2011 |
Brian Carlstrom <bdc@google.com> |
CertInstaller should use RESULT_OK to communicate success to callers Change-Id: I6f25ffab113573169badd7cb116381f3412fbf31
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
59f9a2721b1917c74e53f28f9d24e26e29fe0221 |
|
12-May-2011 |
Brian Carlstrom <bdc@google.com> |
Make CertInstaller installed CA certs trusted by applications via default TrustManager (3 of 6) frameworks/base Adding IKeyChainService APIs for CertInstaller and Settings use keystore/java/android/security/IKeyChainService.aidl libcore Improve exceptions to include more information luni/src/main/java/javax/security/auth/x500/X500Principal.java Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods. Added support for adding user CAs in a separate directory for system. Added support for removing system CAs by placing a copy in a sytem directory luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash to make sure the implementing algorithms doe not change since TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to 1.0.0) luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Extensive test of new TrustedCertificateStore behavior luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java TestKeyStore improvements - Refactored TestKeyStore to provide simpler createCA method (and internal createCertificate) - Cleaned up to remove use of BouncyCastle specific X509Principal in the TestKeyStore API when the public X500Principal would do. - Cleaned up TestKeyStore support methods to not throw Exception to remove need for static blocks for catch clauses in tests. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Added private PKIXParameters contructor for use by IndexedPKIXParameters to avoid wart of having to lookup and pass a TrustAnchor to satisfy the super-class sanity check. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java luni/src/main/java/java/security/cert/PKIXParameters.java packages/apps/CertInstaller Change CertInstaller to call IKeyChainService.installCertificate for CA certs to pass them to the KeyChainServiceTest which will make them available to all apps through the TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask. src/com/android/certinstaller/CertInstaller.java Added installCaCertsToKeyChain and hasCaCerts accessor for use by CertInstaller. Use hasUserCertificate() internally. Cleanup coding style. src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Added MANAGE_ACCOUNTS so that IKeyChainService.reset implementation can remove KeyChain accounts. AndroidManifest.xml Implement new IKeyChainService methods: - Added IKeyChainService.installCaCertificate to install certs provided by CertInstaller using the TrustedCertificateStore. - Added IKeyChainService.reset to allow Settings to remove the KeyChain accounts so that any app granted access to keystore credentials are revoked when the keystore is reset. src/com/android/keychain/KeyChainService.java packages/apps/Settings Changed com.android.credentials.RESET credential reset action to also call IKeyChainService.reset to remove any installed user CAs and remove KeyChain accounts to have AccountManager revoke credential granted to private keys removed during the RESET. src/com/android/settings/CredentialStorage.java Added toast text value for failure case res/values/strings.xml system/core Have init create world readable /data/misc/keychain to allow apps to access user added CA certificates installed by the CertInstaller. rootdir/init.rc Change-Id: Idc4e6dd927cf829268a684061e14412623f89d80
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
8eeadc240ebdeb5274035b3d1158d8e907897970 |
|
09-Jun-2010 |
Hung-ying Tyan <tyanh@google.com> |
CertInstaller: fix crash on invalid certificate Change-Id: I527c328b76b66357fec6127b79f314c8ebf90b7c
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
832878cac1a136b1952de51cc2417d4e18188403 |
|
11-Feb-2010 |
Hung-ying Tyan <tyanh@google.com> |
Fix two certinstaller bugs. + Certinstaller does not handle key pair correctly when keystore is locked. http://b/issue?id=2351926 + Certinstaller crashes when installing from SD card where the "download" folder does not exist. + Remove redundant res IDs.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
3e722cadf66802194267460fe5de77e6c18530eb |
|
15-Oct-2009 |
Hung-ying Tyan <tyanh@google.com> |
An overhaul on certinstaller. * Fix state handling, identifying first-time-only execution etc. * Fix the case where more than one alias exists in a pkcs12 keystore. (http://b/issue?id=2202474) * Improve UX: go ahead to install when there's only one cert file on SD card. * Improve UX: make background transparent when not browsing files. * Break the code into multiple activies and helper classes.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
1c0ebf4585c9cf9c0a451b46bb237b92c14dfe07 |
|
01-Oct-2009 |
Hung-ying Tyan <tyanh@google.com> |
Fix a bug where dialog is reopened when app dies.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
d9cbc585f14dfde2f226fa172d335666424fd3fb |
|
30-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Some minor fixes. * Sdcard --> SdCard. * change some variable names to more descriptive ones. * check isFinishing() in createFileList(). * throw a toast when no pkcs12 file is found on sdcard.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
c87a48ac1c22403b690330f0cf7a1890f9a0c4eb |
|
28-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Fix the issue where cert comes later than keypair.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
bedff945a7dffd019035154f78018b350e47ee66 |
|
24-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
CertInstaller: remove wrong import entries.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
338b375c3a5e89edbfb235629834c9d684a3ddeb |
|
24-Sep-2009 |
Chung-yih Wang <cywang@google.com> |
Just change to an empty class for fixing the filename issue.
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|
6765abbeac1c2902cc4efaa55ffefb9c3221fe0e |
|
15-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Initial implementation of CertInstaller
/packages/apps/CertInstaller/src/com/android/certinstaller/CertInstaller.java
|